diff --git a/resources/sql/autopatches/20181213.auth.01.sessionphid.sql b/resources/sql/autopatches/20181213.auth.01.sessionphid.sql
new file mode 100644
index 0000000000..34b5aa5bf6
--- /dev/null
+++ b/resources/sql/autopatches/20181213.auth.01.sessionphid.sql
@@ -0,0 +1,2 @@
+ALTER TABLE {$NAMESPACE}_user.phabricator_session
+  ADD phid VARBINARY(64) NOT NULL;
diff --git a/resources/sql/autopatches/20181213.auth.02.populatephid.php b/resources/sql/autopatches/20181213.auth.02.populatephid.php
new file mode 100644
index 0000000000..314eaf87a3
--- /dev/null
+++ b/resources/sql/autopatches/20181213.auth.02.populatephid.php
@@ -0,0 +1,18 @@
+<?php
+
+$table = new PhabricatorAuthSession();
+$iterator = new LiskMigrationIterator($table);
+$conn = $table->establishConnection('w');
+
+foreach ($iterator as $session) {
+  if (strlen($session->getPHID())) {
+    continue;
+  }
+
+  queryfx(
+    $conn,
+    'UPDATE %R SET phid = %s WHERE id = %d',
+    $table,
+    $session->generatePHID(),
+    $session->getID());
+}
diff --git a/resources/sql/autopatches/20181213.auth.03.phidkey.sql b/resources/sql/autopatches/20181213.auth.03.phidkey.sql
new file mode 100644
index 0000000000..6bc11b3e55
--- /dev/null
+++ b/resources/sql/autopatches/20181213.auth.03.phidkey.sql
@@ -0,0 +1,2 @@
+ALTER TABLE {$NAMESPACE}_user.phabricator_session
+  ADD UNIQUE KEY `key_phid` (phid);
diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
index 09430367d9..420457f525 100644
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -2296,6 +2296,7 @@ phutil_register_library_map(array(
     'PhabricatorAuthSessionEngineExtensionModule' => 'applications/auth/engine/PhabricatorAuthSessionEngineExtensionModule.php',
     'PhabricatorAuthSessionGarbageCollector' => 'applications/auth/garbagecollector/PhabricatorAuthSessionGarbageCollector.php',
     'PhabricatorAuthSessionInfo' => 'applications/auth/data/PhabricatorAuthSessionInfo.php',
+    'PhabricatorAuthSessionPHIDType' => 'applications/auth/phid/PhabricatorAuthSessionPHIDType.php',
     'PhabricatorAuthSessionQuery' => 'applications/auth/query/PhabricatorAuthSessionQuery.php',
     'PhabricatorAuthSessionRevoker' => 'applications/auth/revoker/PhabricatorAuthSessionRevoker.php',
     'PhabricatorAuthSetPasswordController' => 'applications/auth/controller/PhabricatorAuthSetPasswordController.php',
@@ -7948,6 +7949,7 @@ phutil_register_library_map(array(
     'PhabricatorAuthSessionEngineExtensionModule' => 'PhabricatorConfigModule',
     'PhabricatorAuthSessionGarbageCollector' => 'PhabricatorGarbageCollector',
     'PhabricatorAuthSessionInfo' => 'Phobject',
+    'PhabricatorAuthSessionPHIDType' => 'PhabricatorPHIDType',
     'PhabricatorAuthSessionQuery' => 'PhabricatorCursorPagedPolicyAwareQuery',
     'PhabricatorAuthSessionRevoker' => 'PhabricatorAuthRevoker',
     'PhabricatorAuthSetPasswordController' => 'PhabricatorAuthController',
diff --git a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
index 4ce86e8f97..ada4162067 100644
--- a/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
+++ b/src/applications/auth/engine/PhabricatorAuthSessionEngine.php
@@ -119,6 +119,7 @@ final class PhabricatorAuthSessionEngine extends Phobject {
       $conn_r,
       'SELECT
           s.id AS s_id,
+          s.phid AS s_phid,
           s.sessionExpires AS s_sessionExpires,
           s.sessionStart AS s_sessionStart,
           s.highSecurityUntil AS s_highSecurityUntil,
diff --git a/src/applications/auth/phid/PhabricatorAuthSessionPHIDType.php b/src/applications/auth/phid/PhabricatorAuthSessionPHIDType.php
new file mode 100644
index 0000000000..e031c4ae88
--- /dev/null
+++ b/src/applications/auth/phid/PhabricatorAuthSessionPHIDType.php
@@ -0,0 +1,34 @@
+<?php
+
+final class PhabricatorAuthSessionPHIDType
+  extends PhabricatorPHIDType {
+
+  const TYPECONST = 'SSSN';
+
+  public function getTypeName() {
+    return pht('Session');
+  }
+
+  public function newObject() {
+    return new PhabricatorAuthSession();
+  }
+
+  public function getPHIDTypeApplicationClass() {
+    return 'PhabricatorAuthApplication';
+  }
+
+  protected function buildQueryForObjects(
+    PhabricatorObjectQuery $query,
+    array $phids) {
+    return id(new PhabricatorAuthSessionQuery())
+      ->withPHIDs($phids);
+  }
+
+  public function loadHandles(
+    PhabricatorHandleQuery $query,
+    array $handles,
+    array $objects) {
+    return;
+  }
+
+}
diff --git a/src/applications/auth/query/PhabricatorAuthSessionQuery.php b/src/applications/auth/query/PhabricatorAuthSessionQuery.php
index 25928e72c1..a2101201e2 100644
--- a/src/applications/auth/query/PhabricatorAuthSessionQuery.php
+++ b/src/applications/auth/query/PhabricatorAuthSessionQuery.php
@@ -4,6 +4,7 @@ final class PhabricatorAuthSessionQuery
   extends PhabricatorCursorPagedPolicyAwareQuery {
 
   private $ids;
+  private $phids;
   private $identityPHIDs;
   private $sessionKeys;
   private $sessionTypes;
@@ -28,19 +29,17 @@ final class PhabricatorAuthSessionQuery
     return $this;
   }
 
+  public function withPHIDs(array $phids) {
+    $this->phids = $phids;
+    return $this;
+  }
+
+  public function newResultObject() {
+    return new PhabricatorAuthSession();
+  }
+
   protected function loadPage() {
-    $table = new PhabricatorAuthSession();
-    $conn_r = $table->establishConnection('r');
-
-    $data = queryfx_all(
-      $conn_r,
-      'SELECT * FROM %T %Q %Q %Q',
-      $table->getTableName(),
-      $this->buildWhereClause($conn_r),
-      $this->buildOrderClause($conn_r),
-      $this->buildLimitClause($conn_r));
-
-    return $table->loadAllFromArray($data);
+    return $this->loadStandardPage($this->newResultObject());
   }
 
   protected function willFilterPage(array $sessions) {
@@ -65,8 +64,8 @@ final class PhabricatorAuthSessionQuery
     return $sessions;
   }
 
-  protected function buildWhereClause(AphrontDatabaseConnection $conn) {
-    $where = array();
+  protected function buildWhereClauseParts(AphrontDatabaseConnection $conn) {
+    $where = parent::buildWhereClauseParts($conn);
 
     if ($this->ids !== null) {
       $where[] = qsprintf(
@@ -75,6 +74,13 @@ final class PhabricatorAuthSessionQuery
         $this->ids);
     }
 
+    if ($this->phids !== null) {
+      $where[] = qsprintf(
+        $conn,
+        'phid IN (%Ls)',
+        $this->phids);
+    }
+
     if ($this->identityPHIDs !== null) {
       $where[] = qsprintf(
         $conn,
@@ -100,9 +106,7 @@ final class PhabricatorAuthSessionQuery
         $this->sessionTypes);
     }
 
-    $where[] = $this->buildPagingClause($conn);
-
-    return $this->formatWhereClause($conn, $where);
+    return $where;
   }
 
   public function getQueryApplicationClass() {
diff --git a/src/applications/auth/storage/PhabricatorAuthSession.php b/src/applications/auth/storage/PhabricatorAuthSession.php
index cf707a053d..c4731b669b 100644
--- a/src/applications/auth/storage/PhabricatorAuthSession.php
+++ b/src/applications/auth/storage/PhabricatorAuthSession.php
@@ -20,6 +20,7 @@ final class PhabricatorAuthSession extends PhabricatorAuthDAO
   protected function getConfiguration() {
     return array(
       self::CONFIG_TIMESTAMPS => false,
+      self::CONFIG_AUX_PHID => true,
       self::CONFIG_COLUMN_SCHEMA => array(
         'type' => 'text32',
         'sessionKey' => 'bytes40',
@@ -74,6 +75,10 @@ final class PhabricatorAuthSession extends PhabricatorAuthDAO
     }
   }
 
+  public function getPHIDType() {
+    return PhabricatorAuthSessionPHIDType::TYPECONST;
+  }
+
   public function isHighSecuritySession() {
     $until = $this->getHighSecurityUntil();